secrets-provider-for-k8s
secrets-provider-for-k8s copied to clipboard
cyberark
Cyberark secrets provider for k8s
Current solution: Customer supplies this value in CONTAINER_MODE env var to Secrets Provider. Enhanced solution: Use K8s API GET namespaces/{namespace}/pods/{pod} to get the pod's manifest and derive the deployment used...
Current solution: The Secrets Provider code looks at the `K8S_SECRETS` environment variable in each of the pod manifests to know which K8s Secret to update with Conjur values. Listing each...
Current solution: Customer supplies these values using Downward API for `MY_POD_NAME` and `MY_POD_NAMESPACE` env vars in Secrets Provider manifest. Enhanced solution: Get pod's namespace from /var/run/secrets/kubernetes.io/serviceaccount/namespace file inside the container....
Current solution: For each K8s secret, pull its values from Conjur and write them into the K8s secret. Enhanced solution: Before writing the K8s secret, compare it with the existing...
For our releases we are able to use a [tool](https://github.com/cyberark/utility-license-generation) for autogenerating our `NOTICES.txt` We would like to add this as part of our pipeline so it will make for...
## Summary The Secrets Provider image for Kubernetes is not updating the secrets file when the template in the ConfigMap is updated while using the push-to-file approach. ## Steps to...
## Summary *Secrets Provider To handle more than 50 Conjur secrets, you can set up multiple Secrets Providers. When we attempt to create 2nd secret provider it fails, Error: INSTALLATION...
## Is your feature request related to a problem? Please describe. Yes, the current requirement for the conjur_ssl_certificate in the CyberArk Secrets Provider for Kubernetes poses a challenge for users...
Hello, in our enterprise company, we have faced the urgency of password rotation. One of the main requirements was to be able to rotate credentials without service restarts (containers can...
### Desired Outcome File templates can be used the same way for k8s_secrets as it is used in push-to-file configuration. Templates in secret annotation are rendered and store in target...